Worm Munches Away at Critical Windows Flaw
The saga of the MS08-67 security flaw that affects Windows XP, Vista, Windows 2000, Server 2003 and Server 2008 continues. First there was the out-of-date patch released by Microsoft late October, which caught everyone’s eye because Microsoft rarely breaks the update cycle it has in place, unless the problem is big, it affects a fundamental part of the Windows OS, and is exploitable. After the patch was released, a round of explanations ensued, since everyone was intrigued and wanted to find out more about the flaw. The next chapter in this saga was releasing an exploit in the wild such as the Milw0rm and Metasploit ones.
Just as the security experts were expecting, a worm that takes advantage of unpatched, vulnerable Windows-based systems has been detected in the wild. A notice caught my eye the other day - it seems that F-Secure, company that specializes in providing antivirus software solutions and internet security, has detected a worm loose on the net that it is capable of exploiting the MS08-67 vulnerability.
“The exploit payload downloads a dropper that we detect as Trojan-Dropper.Win32.Agent.yhi. The dropped components include a kernel mode DDOS-bot that currently has a selection of Chinese targets in its configuration. The worm component is detected as Exploit.Win32.MS08-067.g and the kernel component as Rootkit.Win32.KernelBot.dg.” says F-Secure.
Symantec, company best known for its Norton Internet Security and Norton 360 security software, also detected a worm that exploits MS08-67 and has called it “Wecorl”. Once the worm infects a system it attempts to download software to that machine (which is most likely malware) and then tries to connect with other machines on the local subnet.
The worm affects only Windows 2000, XP, and Server 2003 – for these operating systems the MS08-67 flaw was deemed critical. Windows Vista and Server 2008, for whom the flaw is only “important”, are currently safe from the worm menace, but who is to say if that will remain so. The best course of action is to patch your Windows OS and update your antivirus software.
Tags: Microsoft, Windows, MS08-67
Just as the security experts were expecting, a worm that takes advantage of unpatched, vulnerable Windows-based systems has been detected in the wild. A notice caught my eye the other day - it seems that F-Secure, company that specializes in providing antivirus software solutions and internet security, has detected a worm loose on the net that it is capable of exploiting the MS08-67 vulnerability.
Advertising
“The exploit payload downloads a dropper that we detect as Trojan-Dropper.Win32.Agent.yhi. The dropped components include a kernel mode DDOS-bot that currently has a selection of Chinese targets in its configuration. The worm component is detected as Exploit.Win32.MS08-067.g and the kernel component as Rootkit.Win32.KernelBot.dg.” says F-Secure.
Symantec, company best known for its Norton Internet Security and Norton 360 security software, also detected a worm that exploits MS08-67 and has called it “Wecorl”. Once the worm infects a system it attempts to download software to that machine (which is most likely malware) and then tries to connect with other machines on the local subnet.
The worm affects only Windows 2000, XP, and Server 2003 – for these operating systems the MS08-67 flaw was deemed critical. Windows Vista and Server 2008, for whom the flaw is only “important”, are currently safe from the worm menace, but who is to say if that will remain so. The best course of action is to patch your Windows OS and update your antivirus software.
Tags: Microsoft, Windows, MS08-67
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 22 May 2013
The free 9GAG app for Android-powered devices has been updated to version 1.4 earlier this week. The update adds the option to upload posts to 9GAG from within the app.
By George Norman on 21 May 2013
The social Plants vs Zombies Adventures game is now available on Facebook. Trust me, this is a game you’ll want to play!Related News
By George Norman on 02 May 2013
Think your children have adult material on the PC? Use Media Detective to scan the computer, uncover and remove it!
By George Norman on 04 Dec 2012
Microsoft, in a push to get more people to use its browser, is now saying that you should stop hating on Internet Explorer and start using it instead. IE10 is a completely redesigned browser and it’s really good.
By George Norman on 05 Feb 2013
See which applications are set to launch at startup, disable entries and add new ones, get notifications if an application tries to put a startup registry on your system. All these are offered by the free Startup Patrol application
By George Norman on 12 Apr 2013
There’s less than a year until Microsoft will pull the plug on Windows XP. Extended support for the operating system will end on April 8, 2014. Office 2003 will also reach end of extended support on the same date.Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Worm Munches Away at Critical Windows Flaw
HTML Linking Code
HTML Linking Code